自动化运维-centos 8 kickstart系统批量部署

了解kickstart

what’s kickstart

kickstart 是使用一个标准的站点为一些机器安装统一配置的linux 操作系统。

kickstart的配置文件的获得方式:

手动写入

使用GUI system-config-kickstart 工具

使用标准的Red Hat安装程序Anaconda

anaconda-ks.cfg文件

每次CentOS linux 系统安装完毕后,Anaconda将会在ROOT家目录下生成一个anaconda-ks.cfg文件,使用它可以完成相同设置的自动安装,也可以用system-config-kickstart工具进行编辑该文件进行修改。对anaconda-ks.cfg文件修改可以生成自己需要的系统安装自应答文件。

kickstart文件

kickstart文件可以包含系统安装所有需要的交互,也包含系统安装前需要执行的脚本及系统安装后执行的脚本。

kickstart部署实验图

centos pxe 批量装机_kickstart


环境:

selinux关闭,防火墙关闭

Server:192.168.2.100

Step 1 配置dnf源

[root@localhost ~]# cat server.repo 
[serverApp]
name=app
enabled=1
gpgcheck=0
baseurl=file:///mnt/AppStream
[serverOS]
name=os
enabled=1
gpgcheck=0
baseurl=file:///mnt/BaseOS

Step 2 安装软件包

[root@localhost ~]# dnf install dhcp-server tftp-server httpd syslinux -y
app                                                                                             74 MB/s | 5.2 MB     00:00    
os                                                                                              75 MB/s | 2.2 MB     00:00    
上次元数据过期检查:0:00:01 前,执行于 2019年12月01日 星期日 20时49分26秒。
依赖关系解决。
===============================================================================================================================
 软件包                        架构              版本                                               仓库                  大小
===============================================================================================================================
Installing:
 httpd                         x86_64            2.4.37-11.module_el8.0.0+172+85fc1f40              serverApp            1.7 M
 tftp-server                   x86_64            5.2-24.el8                                         serverApp             50 k
 dhcp-server                   x86_64            12:4.3.6-30.el8                                    serverOS             529 k
 syslinux                      x86_64            6.04-1.el8                                         serverOS             576 k
安装依赖关系:
 apr                           x86_64            1.6.3-9.el8                                        serverApp            125 k
 apr-util                      x86_64            1.6.1-6.el8                                        serverApp            105 k
 centos-logos-httpd            noarch            80.5-2.el8                                         serverApp             24 k
 httpd-filesystem              noarch            2.4.37-11.module_el8.0.0+172+85fc1f40              serverApp             34 k
 httpd-tools                   x86_64            2.4.37-11.module_el8.0.0+172+85fc1f40              serverApp            102 k
 mod_http2                     x86_64            1.11.3-2.module_el8.0.0+10+abf51267                serverApp            156 k
 syslinux-nonlinux             noarch            6.04-1.el8                                         serverOS             551 k
安装弱的依赖:
 apr-util-bdb                  x86_64            1.6.1-6.el8                                        serverApp             25 k
 apr-util-openssl              x86_64            1.6.1-6.el8                                        serverApp             27 k
Enabling module streams:
 httpd                                           2.4                                                                          

事务概要
===============================================================================================================================
安装  13 软件包

总计:3.9 M
安装大小:9.9 M
下载软件包:
运行事务检查
事务检查成功。
运行事务测试
事务测试成功。
运行事务
  准备中      :                                                                                                            1/1 
  Installing  : apr-1.6.3-9.el8.x86_64                                                                                    1/13 
  运行脚本    : apr-1.6.3-9.el8.x86_64                                                                                    1/13 
  Installing  : apr-util-bdb-1.6.1-6.el8.x86_64                                                                           2/13 
  Installing  : apr-util-openssl-1.6.1-6.el8.x86_64                                                                       3/13 
  Installing  : apr-util-1.6.1-6.el8.x86_64                                                                               4/13 
  运行脚本    : apr-util-1.6.1-6.el8.x86_64                                                                               4/13 
  Installing  : httpd-tools-2.4.37-11.module_el8.0.0+172+85fc1f40.x86_64                                                  5/13 
  Installing  : syslinux-nonlinux-6.04-1.el8.noarch                                                                       6/13 
  Installing  : syslinux-6.04-1.el8.x86_64                                                                                7/13 
  运行脚本    : httpd-filesystem-2.4.37-11.module_el8.0.0+172+85fc1f40.noarch                                             8/13 
  Installing  : httpd-filesystem-2.4.37-11.module_el8.0.0+172+85fc1f40.noarch                                             8/13 
  Installing  : centos-logos-httpd-80.5-2.el8.noarch                                                                      9/13 
  Installing  : mod_http2-1.11.3-2.module_el8.0.0+10+abf51267.x86_64                                                     10/13 
  Installing  : httpd-2.4.37-11.module_el8.0.0+172+85fc1f40.x86_64                                                       11/13 
  运行脚本    : httpd-2.4.37-11.module_el8.0.0+172+85fc1f40.x86_64                                                       11/13 
  运行脚本    : dhcp-server-12:4.3.6-30.el8.x86_64                                                                       12/13 
  Installing  : dhcp-server-12:4.3.6-30.el8.x86_64                                                                       12/13 
  运行脚本    : dhcp-server-12:4.3.6-30.el8.x86_64                                                                       12/13 
  Installing  : tftp-server-5.2-24.el8.x86_64                                                                            13/13 
  运行脚本    : tftp-server-5.2-24.el8.x86_64                                                                            13/13 
  运行脚本    : httpd-2.4.37-11.module_el8.0.0+172+85fc1f40.x86_64                                                       13/13 
  运行脚本    : tftp-server-5.2-24.el8.x86_64                                                                            13/13 
  验证        : apr-1.6.3-9.el8.x86_64                                                                                    1/13 
  验证        : apr-util-1.6.1-6.el8.x86_64                                                                               2/13 
  验证        : apr-util-bdb-1.6.1-6.el8.x86_64                                                                           3/13 
  验证        : apr-util-openssl-1.6.1-6.el8.x86_64                                                                       4/13 
  验证        : centos-logos-httpd-80.5-2.el8.noarch                                                                      5/13 
  验证        : httpd-2.4.37-11.module_el8.0.0+172+85fc1f40.x86_64                                                        6/13 
  验证        : httpd-filesystem-2.4.37-11.module_el8.0.0+172+85fc1f40.noarch                                             7/13 
  验证        : httpd-tools-2.4.37-11.module_el8.0.0+172+85fc1f40.x86_64                                                  8/13 
  验证        : mod_http2-1.11.3-2.module_el8.0.0+10+abf51267.x86_64                                                      9/13 
  验证        : tftp-server-5.2-24.el8.x86_64                                                                            10/13 
  验证        : dhcp-server-12:4.3.6-30.el8.x86_64                                                                       11/13 
  验证        : syslinux-6.04-1.el8.x86_64                                                                               12/13 
  验证        : syslinux-nonlinux-6.04-1.el8.noarch                                                                      13/13 

已安装:
  httpd-2.4.37-11.module_el8.0.0+172+85fc1f40.x86_64          tftp-server-5.2-24.el8.x86_64                                   
  dhcp-server-12:4.3.6-30.el8.x86_64                          syslinux-6.04-1.el8.x86_64                                      
  apr-util-bdb-1.6.1-6.el8.x86_64                             apr-util-openssl-1.6.1-6.el8.x86_64                             
  apr-1.6.3-9.el8.x86_64                                      apr-util-1.6.1-6.el8.x86_64                                     
  centos-logos-httpd-80.5-2.el8.noarch                        httpd-filesystem-2.4.37-11.module_el8.0.0+172+85fc1f40.noarch   
  httpd-tools-2.4.37-11.module_el8.0.0+172+85fc1f40.x86_64    mod_http2-1.11.3-2.module_el8.0.0+10+abf51267.x86_64            
  syslinux-nonlinux-6.04-1.el8.noarch                        

完毕!

Step 3 搭建并启动DHCP

[root@localhost ~]# vim /etc/dhcp/dhcpd.conf 
subnet 192.168.2.0 netmask 255.255.255.0 {
        option routers          192.168.2.100;
        range                   192.168.2.10    192.168.2.20;
        next-server             192.168.2.100;
        filename                "pxelinux.0";
}

[root@localhost ~]# systemctl start dhcpd
[root@localhost ~]# systemctl status dhcpd
● dhcpd.service - DHCPv4 Server Daemon
   Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; disabled; vendor preset: disabled)
   Active: active (running) since Sun 2019-12-01 20:58:49 EST; 3s ago
     Docs: man:dhcpd(8)
           man:dhcpd.conf(5)
 Main PID: 31465 (dhcpd)
   Status: "Dispatching packets..."
    Tasks: 1 (limit: 50687)
   Memory: 5.0M
   CGroup: /system.slice/dhcpd.service
           └─31465 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid

12月 01 20:58:49 localhost.localdomain dhcpd[31465]: ** Ignoring requests on virbr0.  If this is not what
12月 01 20:58:49 localhost.localdomain dhcpd[31465]: you want, please write a subnet declaration
12月 01 20:58:49 localhost.localdomain dhcpd[31465]: in your dhcpd.conf file for the network segment
12月 01 20:58:49 localhost.localdomain dhcpd[31465]: to which interface virbr0 is attached. **
12月 01 20:58:49 localhost.localdomain dhcpd[31465]: 
12月 01 20:58:49 localhost.localdomain dhcpd[31465]: Listening on LPF/ens33/00:0c:29:11:47:97/192.168.2.0/24
12月 01 20:58:49 localhost.localdomain dhcpd[31465]: Sending on   LPF/ens33/00:0c:29:11:47:97/192.168.2.0/24
12月 01 20:58:49 localhost.localdomain dhcpd[31465]: Sending on   Socket/fallback/fallback-net
12月 01 20:58:49 localhost.localdomain dhcpd[31465]: Server starting service.
12月 01 20:58:49 localhost.localdomain systemd[1]: Started DHCPv4 Server Daemon.
[root@localhost ~]# netstat -antlup | grep :67
udp        0      0 0.0.0.0:67              0.0.0.0:*                           31465/dhcpd         
udp        0      0 0.0.0.0:67              0.0.0.0:*                           1345/dnsmasq

Step 4 生成需要的文件并启动tftp服务

[root@localhost ~]# cp /usr/share/syslinux/pxelinux.0		/var/lib/tftpboot/
[root@localhost ~]# cp /mnt/isolinux/{vmlinuz,ldlinux.c32,initrd.img} 		/var/lib/tftpboot/
[root@localhost ~]# mkdir /var/lib/tftpboot/pxelinux.cfg
[root@localhost ~]# vim /var/lib/tftpboot/pxelinux.cfg/default			#生成default文件
default linux
timeout 3
label linux
  kernel vmlinuz
  append initrd=initrd.img ip=dhcp method=http://192.168.2.100/RHEL ks=http://192.168.2.100/ks.cfg
[root@localhost mnt]# systemctl start tftp			#启动tftp服务
[root@localhost mnt]# systemctl status tftp
● tftp.service - Tftp Server
   Loaded: loaded (/usr/lib/systemd/system/tftp.service; indirect; vendor preset: disabled)
   Active: active (running) since Sun 2019-12-01 21:44:06 EST; 5s ago
     Docs: man:in.tftpd
 Main PID: 33477 (in.tftpd)
    Tasks: 1 (limit: 50687)
   Memory: 252.0K
   CGroup: /system.slice/tftp.service
           └─33477 /usr/sbin/in.tftpd -s /var/lib/tftpboot

12月 01 21:44:06 localhost.localdomain systemd[1]: Started Tftp Server.
[root@localhost mnt]# netstat -antulp | grep :69
udp6       0      0 :::69                   :::*                                1/systemd

Step 5 搭建并启动http服务

[root@localhost ~]# mkdir /var/www/html/RHEL		#建立软件包存放目录
[root@localhost ~]# mount /dev/cdrom /var/www/html/RHEL		#将光盘挂载到对应目录中

Step 6 生成ks.cfg文件

由于CentOS8.0中没有system-config-kickstart包,所以无法通过工具生成ks文件,需要手动生成,例子中root用户和新建的gongjh用户的密码都为‘`123qwe’

如果需要自己额外指定密码,请使用其它工具进行转换,例如doveadm命令

cp /root/anaconda-ks.cfg /var/www/html/ks.cfg	#生成ks.cfg文件
[root@localhost ~]# vim /var/www/html/ks.cfg
#version=RHEL8
ignoredisk --only-use=sda
autopart --type=lvm
# Partition clearing information
clearpart --all			#删除所有分区
# Use graphical install
graphical
url     --url="http://192.168.2.100/RHEL/"			#指定安装URL
# Keyboard layouts
keyboard --vckeymap=cn --xlayouts='cn'
# System language
lang zh_CN.UTF-8
# Network information
network  --bootproto=dhcp --device=ens33 --ipv6=auto --activate
network  --hostname=localhost.localdomain
# Root password	“`123qwe”			#root用户的密码"`123qwe"
rootpw --iscrypted $6$lYV8xqOfEWbJZ/8Y$YXDve/YNwljyh6BnrMHkKm.18kyUqZkHBpA4DHA/nEhXckJfNPLpclgNcQUS64XQSDZRAdlWzjPsI8sCe1dPo0
# X Window System configuration information
xconfig  --startxonboot
# Run the Setup Agent on first boot
#firstboot disable		#初次启动设置
firstboot --disable
# System services
services --enabled="chronyd"
# System timezone
timezone America/New_York --isUtc
#Reboot after installation	#安装完成后自动重启
reboot
# License agreement		#同意授权协议
eula --agreed
#Add a new user named tyschool password “`123qwe” group whell			#普通用户名字为tyschool密码"`123qwe"
user --groups=wheel --name=tyschool --password=$6$GnUoYHa8rYy7XfrK$0OSNtZwn7.mq4mTeEXQvebx8AEKMV7/PYBS0qfLXUUMJFQozCVMGZY3c0gYcfaKhkCDVQAcxCpi01A5f6a9XC. --iscrypted --gecos="tyschool_com_cn"
%packages
@^graphical-server-environment
%end

%addon com_redhat_kdump --disable --reserve-mb='auto'

%end

%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end

Step 7 修改文件权限,启动http服务

[root@localhost ~]# chmod a+r /var/www/html/ks.cfg
[root@localhost ~]# systemctl start httpd
[root@localhost ~]# systemctl start httpd
[root@localhost ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
   Active: active (running) since Sun 2019-12-01 22:00:58 EST; 10s ago
     Docs: man:httpd.service(8)
 Main PID: 33976 (httpd)
   Status: "Running, listening on: port 80"
    Tasks: 213 (limit: 50687)
   Memory: 40.4M
   CGroup: /system.slice/httpd.service
           ├─33976 /usr/sbin/httpd -DFOREGROUND
           ├─33977 /usr/sbin/httpd -DFOREGROUND
           ├─33978 /usr/sbin/httpd -DFOREGROUND
           ├─33979 /usr/sbin/httpd -DFOREGROUND
           └─33980 /usr/sbin/httpd -DFOREGROUND

12月 01 22:00:58 localhost.localdomain systemd[1]: Starting The Apache HTTP Server...
12月 01 22:00:58 localhost.localdomain httpd[33976]: AH00558: httpd: Could not reliably determine the server's fully qualified>
12月 01 22:00:58 localhost.localdomain httpd[33976]: Server configured, listening on: port 80
12月 01 22:00:58 localhost.localdomain systemd[1]: Started The Apache HTTP Server.
[root@localhost ~]# netstat -antlp | grep :80
tcp6       0      0 :::80                   :::*                    LISTEN      33976/httpd

Step 8 测试

选择网络启动

centos pxe 批量装机_kickstart_02

获取IP和相关文件

centos pxe 批量装机_系统批量部署_03

开启安装进程

centos pxe 批量装机_centos8_04

安装完成后自动重启

centos pxe 批量装机_系统批量部署_05